I'm your host, Jester. I've been an EVE Online player for about six years. One of my four mains is Ripard Teg, pictured at left. Sadly, I've succumbed to "bittervet" disease, but I'm wandering the New Eden landscape (and from time to time, the MMO landscape) in search of a cure.You can follow along, if you want...

Thursday, February 14, 2013

Guilty until proven guilty

Chances are, by now you've heard the tale of the 317 billion ISK donation that was made to EVE University, and how the donation was then confiscated. If you haven't heard the tale, it's covered at length on both TMDC and EN24. Poetic Stanziel has also written a post copying Kelduum Revaan's notification of his understanding of the facts to the E-UNI membership, and a follow-up post covering his concerns about a security team that apparently reports to nobody but the security team.

So the facts here are well-covered and I encourage you to make yourself familiar with them. But I will very briefly summarize. Skip down three paras if you're already familiar with this story.

E-UNI had a long-term member, who Kelduum referred to as "John", apparently a model E-UNI member. But he also managed to rack up the aforementioned 317 billion ISK through station trading and market manipulation. One of the means of this remarkable success was a self-built tool meant to operate in the in-game browser that -- as far as I can tell -- made it easier to facilitate price changes of market orders in Jita. I presume this tool operated by doing pulls of market data, comparing it to the known prices of the programmer's buy or sell orders, and then likely notifying John which orders needed to be updated.

I don't know for sure if this is how it worked, but based on the limited information that's been provided to date, this seems the most likely scenario. However the tool worked, the efficiency of John's station trading was flagged by one of CCP's internal security tools, John's account was flagged as "suspicious", and he received a 14-day ban for a violation of the EULA, specifically the portion forbidding the use of macros. At the end of the 14-day ban, John over-reacted rather badly, donating his entire fortune to E-UNI and bio-massing all of his characters. Kelduum took the donated ISK, transferred it to a shell corporation, and sent a petition to a GM informing CCP where the ISK came from and asking for assurance that the ISK was not gained through illegal means.

A few days later, CCP responded by confiscating the ISK. Kelduum objected both privately and publicly, repeatedly, but CCP has held firm stating that it is their belief that John violated the EULA and the ISK was ill-gained.

There's several interesting things going on here.

Let's start with the basic one. CCP Sreegs has flat-out stated that John was botting. So anyone who is arguing against CCP's response on this is essentially defending a botter. Now, given how much CCP enjoys negative publicity (hint: they despise it), I think we can all be confident that Sreegs is pretty certain of his facts here. The better part of a month went by over the course of this investigation, the whole thing has gone very public, and the person at the center of this is a member of the CSM with unprecedented access to Sreegs and the rest of CCP.

In short, I think we can be pretty damn sure that this was looked into pretty thoroughly before Sreegs was permitted to go public.

But weirdly, this situation seems to have escalated beyond that, on two levels.

The first weird level is Kelduum's participation. As I said, this guy is a member of CSM7. As a result, he could have (and should have) kept this thing entirely private using the contacts he has with CCP to address this. In his post, Sreegs seems quite honestly perplexed that a CSM member would take something like this public, and so am I. In an ironic twist, CSM members aren't supposed to get directly involved in GM petition disputes regarding single player issues -- it's one of the hidden quirks of the job. But here we have a CSM member doing just that, then quite frankly trying to air the thing in the court of public opinion when the decision didn't go his way.

That's ironic in the extreme. And as far as I can tell, Kelduum seems entirely motivated by the money. Now granted, that's a lot of money. But still, this is the windmill he chooses to tilt at? Really? Here's my favorite bit of his e-mail to his membership (it's from one of his petitions to the GMs):

I appreciate your time spent checking this for us. Not to be ungrateful, but are you absolutely sure that all of the ISK was illegitimate? There isn't some fraction that is legitimate that we could keep?

Oh dear Heaven. Really?
That's the quote of the week, by the way.

So here we have a CSM member defending someone who is at best a market botter and is at worst a full-on violator of the TOS/EULA. And then he's trying to keep this botter's ISK, even if he only gets to keep a portion of it. Forgive me for not having much sympathy but as someone who legitimately trades in Jita every day and spends hours fighting market bots and macros, I've gotta tell you that I despise everything John stands for. Sorry about that.

If that wasn't ironic enough, on the other side of the debate is Poetic Stanziel defending EVE University! Who ever thought they'd see that happen? ;-) He argues that Sreegs over-stepped his bounds and is operating without oversight. To be fair, Sreegs does seem to imply that while the initial investigation into John's activities found relatively minor macro use, deeper investigation revealed more serious EULA violations. Poetic is troubled by this and compares it to a policeman investigating one crime, eventually finding the suspect innocent of that one, but during that investigation finding the suspect guilty of a completely unrelated crime and prosecuting that crime instead.

Pardon me for interjecting a little reality into the situation... but... ummm... so what?

Kelduum brings up U.S. jurisprudence saying that John should be innocent until proven guilty, and that's so amusingly ridiculous that I'm surprised he even thought of this issue in that context.

Guys, we play a game on a server. CCP owns that server. CCP owns everything on that server, including all our characters and all our assets. Don't believe me? Check out the TOS for yourself. It's in there. That gives them the perfect legal right to delve into any activity we're involved in on their servers and stomp the crap out of us if they find we're doing something untoward. Whatever it is. However they find it. For any reason they care to. Any time they like.

Let's be clear here. I'm not exactly a fan of Sreegs sometimes. But he's completely in the right on this one, and anyone arguing otherwise is wrong. I realize this probably won't be a popular opinion, but I think he's got good reason to be perplexed at people arguing with him. And trying to say that he's acting without oversight is just silly.

I cop a lot of flak for my annoyance at CCP. However few care or understand why. It's basically what's been described in this debacle. I don't flat out disagree with the motives of CCP, and I would prefer to support them. However, the lack of transparency in process and the questionable ethical behavior to get to an outcome is simply not right.

Not all of us have the platform of the CSM or EU to air our grievances when they have been the subject of similar treatment.

You would be amazed at what CCP can say to you and the sanctions they threaten if you try to complain or escalate to the next level.

Yes Jester, CCP own the village, but you simply knifing the odd villager in the middle of the night to preserve the peace isn't the way to save it.

It's been nearly three months since I requested information on some very questionable CCP actions and guess what? No transparency, no response. I have no influence, so no CPP forum posts for my benefit.

Thise whole debate is completely pointless from my point of view. It's not even fun to watch, it's just lot of inflated egos and uninformed oponions colliding with harsh reality.

As someone who did work as a customer service monkey for a borderline-illegal pseudo-gambling enterprise I can say CCP handled the whole matter horribly. They should've replied to the very first query, after they confiscated the 317bil, with "all the dosh is botted, we burned it in virtual bonfire, EOD" and strangled the matter in the crib. Instead they went all "Third party, can't say nuffin'" to the guy they confiscated the goddamn money from and allowed the whole thing to get blown way out of proportion.

On the other hand Kelduum lost his cool from all the shiny digits in the donation and allowed his overinflated ego to interfere with reason... but perhaps this isn't much of a surprise. You can't really expect professional self-discipline in a matter like this from a customer, and at the end of the day this is what Kelduum is.

No matter whether I'm jon/jane doe or mister high and shiny CSM Uberman, won't explain in public how the botter is caught. And asking for getting a part of the botted money is like legalizing it for the "good cause". Now when is it a good cause? Should we allow eve uni to use bots so they can better educate there students how to play? with great examples how not to?

Keldum seems to get greedy or just has a black out. Sreegs might be arguable but he is consequent and needs to stay objective.Don't care who botted, don't care why botted. Botted --> Dead, good. Else we will end up with tones of threads lamenting how hard eve is and how they have to bot to get there titans they do desperately need.

"If that wasn't ironic enough, on the other side of the debate is Poetic Stanziel defending EVE University! Who ever thought they'd see that happen? ;-) He argues that Sreegs over-stepped his bounds and is operating without oversight. To be fair, Sreegs does seem to imply that while the initial investigation into John's activities found relatively minor macro use, deeper investigation revealed more serious EULA violations. Poetic is troubled by this and compares it to a policeman investigating one crime, eventually finding the suspect innocent of that one, but during that investigation finding the suspect guilty of a completely unrelated crime and prosecuting that crime instead."

Err.

That's not what I'm saying at all. That second post isn't about E-Uni at all. It's about oversight. And by the time you reach that Sreegs quote about "false-positives, but still finding other unrelated crimes", I'm well off anything to do with E-Uni at that point.

And that Sreegs quote is from 04/2012.

As I said, I couldn't give two shits about E-Uni or their quest for 317B ISK. I only care that false-positives are investigated thoroughly. Team Security has a habit of not investigating incorrect accusations of wrong-doing (unless pushed due to outside forces), and people have a habit of believing them infallible. I give an excellent example of a person done entirely wrong by Team Security.

I disagree with Poe's unsubstantiated claim that Team Security "has a habit of not investigating incorrect accusations of wrong-doing". The one incident mentioned on Poe's blog certainly does not prove a "habit" - no more than having one drink at a bar proves you are an alcoholic.

I was investigated by Team Security last year, based on petitions from other players (falsely) claiming that I was using bots. CCP did not hit me with a ban, nor seize my ISK/assets. Rather, they contacted me, explained the situation, asked some questions, thanked me for my cooperation, and told me that everything was ok.

An excellent example of a person done entirely right by Team Security.

I'm surprised " CSM members aren't supposed to get directly involved in GM petition disputes regarding single player issues "I'd figure since they are representing us they sometimes do.

Then again I really hate MACRO use and think it should be punished by taking away of all suspects assets/ISK rather liberally and without too in depth look at what asset was illicit & what wasn't because of the time involved so blanket confiscation is justified... such a blanket confisication also should have been applied to the Goon FW asset confisication too IMHO.

If CCP introduces a broken mechanic, it is up to CCP to fix it. It is almost impossible for players to know ex ante what CCP will deem an allowable game mechanic or an exploit. Large ex post punishments for failing to predict the mind of CCP strieks me as troubling. For a concrete example, in this recent case with Eve-Uni, CCP Spergs states that he thinks cache-scrapping is probably illegal. Given that this current practice is allowed and fairly widespread when used in conjunction with their own API tools, it seems that we get on the ban-wagon way too quickly.

But I am more interested in/by CCP Sreeg's comments in the thread about all cache scraping being illegal.

I know very few traders who don't rely on market data being scraped from the clients cache. Either they do it themselves, or they get that data from eve-central, or eve-marketdata, where it is uploaded to by other people...

Yup, that is a level headed summary of how things stand today. I don't intend on being disrespectful to Poetic when I say that he is following his own agenda and so he was able to put aside his "E-UNI: A pox on the game" feelings when the situation suited.

Like all previous publicly aired RMT/botting incidents where the "innocent and wronged" are revealed or exposed to be guilty, this story is evolving to encopass supposedly greater issues, namely CCP communication to the playerbase. I take this as a sign that the fire is out and the embers are slowly cooling.

Hopefully, we [E-UNI] can all get back to the serious business of internet spaceships, specifically the upcoming total-hell-death-mega-war with RvB :-D

"CCP Sreegs has flat-out stated that John was botting. So anyone who is arguing against CCP's response on this is essentially defending a botter."

That statement is nuts. While the practical reality is that the CCP does have the final and absolute word on this, this is very clearly a case of 'moving the goalposts' on the part of CCP. They provide an in-game browser and API to access certain data in the game, then throw a fit when someone goes to the effort to making a tool which combines the two to make his workflow more efficient, and retroactively declare it botting *without* even clarifying where the new goalposts are.

@Von Keigai - I don't know the specifics of the "bot" being used here, but lets break down what enneract was saying.

CCP offers an IGB - this IGB is a reasonably modern browser which supports all manner of things, one of which is javascript.

They then provide a few minor things via javascript that allow the IGB to interact with the game. These include a method to open up a character's profile, a method to item up and many more. One method in particular that is useful to traders is also exposed: showMarketDetails, which when invoked will open up the market window for a given item id.

This is particularly useful because opening up the market window caches the market data, allowing another 3rd party tool to come into its own - a market cache reader. This is not a bot, and in fact is probably running on your machine right now if you have evemon running. Market cache readers are used to feed information to the likes of eve central but can also be used for your own private applications.

So what happens when you combine the 2? You get a button on a web page which opens up an items market details and the cache is read by an external application, the resulting info parsed and information is displayed in your browser to tell you what you should shift the price to. A slightly more sophisticated implementation may even copy the value you need into the clip board for you, at which case it is a matter of opening up your modify order screen, and pasting a value in. How is this in any way botting?

Taking it further, a simple bit of javascript would allow you to run a process which would open the market details for each item in your trading collection in sequence, priming your market calculation tool with all the info it would need to rapidly modify orders.. BUT YOU STILL HAVE TO MODIFY THE ORDERS YOURSELF.

You are not injecting anything into the game - you are using tools CCP has given you (cache files, the IGB and the CCPEVE javascript object) and a little bit of know how.

I'm sorry but if this is what was being done and Sreegs considers it botting then I want the drugs he's taking because that is some mad shit.

If "John's" tool was actually automatically modifying the market orders for him then he's got a problem - but once again the cone of silence from CCP has closed down around the issue and no specifics about what was happening are being released.

Given CCP (and Sreegs) dreadful track record with respect to handling exploits and botting it is not irrational to come down on the side of John and Eve Uni in this matter.

It is possible to exceed the speed limit when a licensed driver is driving a car that is registered for the country it is being driven in. Having a licence and a registered car does not mean the State has given the driver permission to drive at any speed they wish.

By the same token, CCP has given us more than enough rope to hang ourselves with.

With great power comes great responsibility. "John" neglected this responsibility.

I think the main issue is that although true, the state will set you a speed limit. It will be well documented next to roads, on sat nav's, and just about anywhere else you can think of. It will be in your face, unavoidable and completely clear.

In the case of the market cache and javascript functions callable from the IGB, there are no such rules set up. There is no clear documentation on what you can and can't do with the tools provided. Unlike you being provided a car, but told EXPLICITLY how fast you can drive it.

I don't agree with what's happened here. But unfortunately people will cry, whinge and complain, but like anything else, the people in charge won't reverse the decision, even if they find that they're wrong further down the line. They lose face, and people stop respecting their decisions.

The best way to handle it is the way they are. Make a decision internally, enforce it, stick to it.

"John" was a botter - TRUE300+ bil ISK was illicit - TRUECCP F****d Up - TRUE, because by reading through the walls text all over the internets it looks like it would have been enough for CCP GMs/DEVs just write an answer to his petition which looks something like below captioned text to avoid this PR failure :"We are sorry to inform you, that after extensive investigation of "Johns" activities in game it was confirmed he was boting and thus ALL assets related to his account must be seized. Moreover, we made a mistake by not seizing the assets initially, what allowed for the assets to be transferred to you.Thank you for your cooperation and again sorry for any inconveniences this whole situation might have caused you.

CPP GM or DEV"

Most funny failure from CCP in this story is when they state that EVE Uni is just a third party and they don't have to tell them anything, although it is actually their fault that illicit ISK where delivered to EVE Uni in the first place thus making them direct party to deal with in this situation.

I do understand that the EvE belongs to CCP, but without players it is just ones and zeros on the server, so CCP should treat the people who play their game with respect and I personally think that a simple "Sorry, we f****d up" would have been enough to avoid all this mess.

It's funny how many people don't get what third party refers to in this circumstance:

EVE Uni is a third party to the initial misconduct of John. It doesn't matter if they later gain or are harmed by him. They are no part of the initial action. And so it's not up to them to know anything about John and that action. Imho not even that he was botting (what kind of misconduct). They being direct party in the illicit ISK doesn't change any of this.

When you realize this and look what information is left if you exclude any information about John's misconduct, CCP has told EVE Uni what they are privileged to know: "that due to the ISK being related to a security matter, it has been confiscated".

And yet the big time, career RMT peeps continue to head/be high up in alliances, live off the backs of the proletariat, make a cushy living and march on to the bank. The winners of the T2 BPO lottery/scam continue to reap their rewards. And lastly, "customer service" is burned in effigy at CCP as things like POSes and so on are put on the back burner because "they don't affect that many people."

EVE Online and the EVE logo are the registered trademarks of CCP hf. All rights are reserved worldwide. All other trademarks are the property of their respective owners. EVE Online, the EVE logo, EVE and all associated logos and designs are the intellectual property of CCP hf. All artwork, screenshots, characters, vehicles, storylines, world facts or other recognizable features of the intellectual property relating to these trademarks are likewise the intellectual property of CCP hf. CCP hf. has granted permission to Jester's Trek to use EVE Online and all associated logos and designs for promotional and information purposes on its website but does not endorse, and is not in any way affiliated with Jester's Trek. CCP is in no way responsible for the content on or functioning of this website, nor can it be liable for any damage arising from the use of this website.